OWASP Security Shepherd Project - Poor Data Validation 1 (Poor Data Validation Challenge)
Challenge
Solution
First, input 1 in troll to see what happens.The order is completed successfully.
Now, let's see if there is a number validation for negative numbers. Input -1 in troll to see what we got.
The data validation is so poor that it even doesn't check negative number.
At this point, we can start to play trick on the business logic of this application. For example, buy -200 notBad and 1 troll. (That adds to be zero.)
That completes the challenge...
留言
張貼留言
Welcome to share your comments or questions : -)
Enjoy life!